The background description provided herein is for the purpose of generally presenting the context of the disclosure. Unless otherwise indicated herein, the materials described in this section are not prior art to the claims in this application and are not admitted to be prior art by inclusion in this section.
Key domain selectors, also referred to as ‘crypto-colors’, are values used to annotate memory data structures for enhanced security. Key domain selectors participate in a memory encryption process as encryption tweaks, effectively acting as if a different key was used to encrypt the content/data being stored in memory. Key domain selectors associate encrypted memory content/data with specific uses, code paths, or instances of executing applications, allowing different access control policies to be applied to different software domains. Using key domain selectors, computer systems can offer increased protection against a range of corruption events and attacks, such as, for example, software bug-related corruption events (e.g., Use-After-Free, UAF), buffer overflow attacks, physical attacks on memory, and malware attacks including inappropriate memory accesses due to return oriented programming (ROP) injected malware, among others. Key domain selector sizes can range from few bits (1, 2) to large numbers of bits (e.g., 32, 64 or 128).
Notwithstanding protection against corruption events and attacks provided by key domain selector techniques, memory integrity may still be compromised by deliberate attacks on both hardware and software and by bugs and errors found in both hardware and software. Legacy key domain selector techniques improve identification of memory integrity violations, but do not identify or determine a cause thereof.
Although the following Detailed Description will proceed with reference being made to illustrative embodiments, many alternatives, modifications, and variations thereof will be apparent to those skilled in the art.